According to a new report from Liminal, a leading and competitive intelligence company, global spending on third-party risk management (TPRM) is set to more than double-from $9.0 billion in 2025 to $19.9 billion by 2030. As third-party ecosystems expand, security threats multiply, and regulations tighten, this rapid growth signals a decisive market shift for companies striving to protect their data, operations, and reputations.

Liminal forecasts the third-party risk management solutions market to reach $19.9B in the next five years. The market and buyer's guide is available at

Despite managing over 250 third-party relationships on average, Liminal's research found that fewer than half of organizations continuously monitor these vendors. Reliance on static questionnaires and annual audits has proven ineffective, with fewer than 10% of practitioners trusting their assessments. As compliance demands tighten-evidenced by GDPR fines in the billions of dollars-and threats evolve toward AI-enabled scams and cloud weaknesses, these outdated methods fail to identify emerging risks, leaving companies exposed.

While most organizations recognize the urgency of new risk conditions and have increased their TPRM budgets, practitioners cite that progress is stalled by fragmented spending, siloed information, and manual workflows. The report shows that firms that invest in continuous monitoring, automation, and integrated solutions gain a clear advantage. By shifting from reactive, error-prone approaches to always-on, data-driven insights, decision-makers can detect vulnerabilities early, meet regulatory requirements more effectively, and foster stronger trust across their supply chains.

"With TPRM spending nearly doubling and fewer than half of organizations conducting real-time checks, the data shows a clear mandate: it's time to evolve from basic, outdated compliance tasks to continuous, forward-looking risk intelligence," said Travis Jarae, CEO of Limina . "Leading companies leverage automation and integrated analytics to stay ahead of emerging threats, turning risk management into a strategic advantage."

Rapid Market Growth: TPRM spending is set to more than double-from $9.0 billion in 2025 to $19.9 billion by 2030 at a 17.1% CAGR-as businesses grapple with mounting cybersecurity threats and new regulations.

Lagging Maturity: Only 9% of organizations have fully advanced TPRM capabilities, leaving most struggling to safeguard their operations and reputations.

Visibility and Trust Issues: Fewer than half of companies continuously monitor their third parties; 83% say current risk assessment methods are too complicated, and many doubt the reliability of vendor-provided information.

Emerging Risks: Most firms acknowledge the urgency of AI governance and cloud vulnerabilities, but fewer than half have moved beyond awareness to action.

Future-Focused Readiness: As 42% of organizations target advanced TPRM within 24 months, investment in solutions that tackle AI and cloud vulnerabilities will be a defining trend.

Fragmented Spending: In the past two years, most businesses allocated 10% or less of their critical risk management budgets to TPRM, and today's budgets remain scattered across functions-limiting strategic impact.

Data and Automation as Catalysts: With 86% of practitioners surveyed prioritizing data accuracy and 82% calling automation critical, organizations now view integrated, real-time solutions as game changers for closing risk gaps. Shift to Continuous Monitoring: Over the next two years, more companies plan to invest in advanced, always-on monitoring tools, aiming to move beyond static checks toward faster, smarter responses to emerging threats.

"From healthcare providers working to safeguard patient data against potentially compromised supply chains to financial institutions navigating emerging regulations and data handling risks, the stakes have never been higher," said Joe Stuntz, Principal Advisor at Limina .

"Leaders who invest in advanced analytics, integrated solutions, and real-time monitoring not only mitigate threats-they position their organizations for sustained growth and trust in a digital-first economy."

